On Fri, Apr 13, 2018 at 6:24 PM Seth Arnold
wrote:
> On Fri, Apr 13, 2018 at 11:22:11AM -0700, Matthew Garrett wrote:
> > + rule->profile = kstrdup(rulestr, GFP_KERNEL);
> Hi Matthew, if this allocation fails, 'rule' is returned malformed; is
> this intentional?
I can confirm that my intent
This patch adds support to Apparmor for integrating with audit rule
filtering. Right now it only handles SUBJ_ROLE, interpreting it as a
single component of a label. This is sufficient to get Apparmor working
with IMA's appraisal rules without any modifications on the IMA side.
Signed-off-by: Matt